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IN THE CLAIMS 

Claim 1. (Origjual) A method of managing identity information on behalf of network services, 
the method comprising the steps of: 

obtaining a first meta data record describing a first of said network services; and 
utilizing said first meta data record to obtain a first service data record containing first 
identity management information for an user of the first network sendee. 

2. (Currently Amended) The method of claim 1, further comprising the step of utilizing the first 
meta data record to create an a first u ser interface for the user of the first network service to 
enable the user to view said first identity management information. 

3. (Original) The method of claim 1, further comprising the step of utilizing the first meta data 
record to create a first user interface for the user of the first network service to enable the user to 
modify said first identity management information, 

4. (Original) The method of claim 2, wherein the first user interface is dynamically configured 
during creation according to field information contained in the first meta data record. 

5. (Original) The method of claim 1, further comprising: 

obtaining a second meta data record describing a second of said network services; and 

utilizing said second meta data record to obtain a second service data record containing second 

identity management information for a second user of the second network service. 

6. (Original) The method of claim 5, further comprising step of utilizing the second meta data 
record to create a second user interface for the user of the second network service to enable the 
second user to view said second identity management information. 

7. (Original) The method of claim 1, wherein the first identity management information 
includes first network service provisioning information for the user of the first network service. 
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8. (Origmal) The method of claim 1, further comprising the step of denying access to the first 
network service wh^c the first identity management information indicates that the user is not 
provisioned on the first network service. 

9. (Original) A method of faJjBlling identity management infonnation requests bom a network 
user, comprising: 

obtaining meta data associated with a network service; 
using the meta data to present an identity management user interface to an user of the network 
service; and 

populating the identity management user interface with, identity information associated 
with the user. 

10. (Qriginal) The method of claim 9, wherein the step of populating the identity management 
user interface comprises: 

receiving a request for identity management infomiation for the network service from the 
network user over the user interface; 

obtaining the identity information associated with the network user, and 
presenting the identity information to the network user via the user interface. 

11. (Original) The method of claim 10. wherein the step of obtaining the identity information 
comprises accessing an identity information database and retrieving a service record from said 
identity information database containing identity information associated with the network user, 

12. (Original) The method of claim 9. further comprising the step of modifying the identity 
information upon request of the network user. 

13. (Origmal) The method of claim 12, wherein the step of modifying the identity infonnation 
comprises writing changes to the identity infonnation to an identity infonnation database. 



-5- 

PAGE 9/19'RCVD AT4I2S/200S 10:56:28 AM [Eastern Daylight fone]' SVR:USPT0-EFXRF-5/11 ' DNIS:27383I)0 ' CSID:19783713219' DURATION (nun-ss):07-28 



04/25/2006 10:04 19783713219 



JOHN C GORECKI 



PAGE 10/19 



Amendment Dated April 25, 2006 
Serial No. 10/616,561 

14. (Original) The method of claim 13, ftirther comprising the step of validating at least one of 
the changes to the identi ty information and the identity information before writing the changes to 

i 

the identity infoixnation to the identity infomation database. 

15. (Currently Amended) An identity management infirastriwtuxe, comprising^ 

an intCTfece layer configured to receive first identity management requests from first 
network users of a first network service and second identity management requests from second 
network users of a second network service; 

a data access daemon configured to process the first and second identity management 

requests; and 

a data access layer configured to enable the data access daemon to access identity 
management data from at least one identity management database in comiection with processing 
the identity management requests; 

wherein the data access daemon comprises a communicatio ns lavcr configured to 
^facilitate communications witfi the interfane laver. and a data access daemon core configured to 
provide identitv management services, said idaititv management services com prising at least one 
of authentication and authorization , 

16. (Original) The identity management infrastructure of claim 15, wherein the data access 
layer comprises an API configured to commumcate with the data access daemon, and an API 
configured to communicate with the identity management database containing the identity 
management data. 

* 

17. (Original) The identity management infrastructure of claim 16, wherein the API is 
configured to communicate with the database utilizing at least one of Embedded Structured 
Query Language (ESQL), Open DataBase Connectivity (ODBC), Java DataBase Connectivity 
(JDBC), and Lightweight Data Access Protocol (LDAP). 

18. (Canceled) 



* 
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19. (Original) The identity management infrastructure of claim 18, wherein the data access 
daemon core comprises an API configured to interact with meta data structures and service 
structures retrieved from the identity management database. 

20, (Original.) The identity management infrastructure of claim 19, wherein the meta data 
structures describe the network services, and wherein the service structures describe identity 
information associated with users of the network services. 

2L (Original) The identity management infrastructure of claim 18, wherein the data access 
daemon core further comprises an authentication module configured to authenticate the first and 
second network users and an authorization module configured to assess autiiorization levels 
associated with the first and second network users. 

22. (Original) The identity management infrastructure of claim 18, wherein the data access 
daemon core further comprises a validation module configured to validate data prior to 
modification of data in the database. 
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